The (not so profitable) Path towards Automated Heap Exploitation, presented at Hacktivity 2018

by Thais Moreira Hamasaki


Summary: The modern world depends and relies on the security (and safety!) of software. Protecting privacy, intellectual property, customer data and even national security is a goal for most of us. Analysis tools can help us gain new insights that can be used to secure software and hardware by identifying vulnerabilities and issues before they cause harm downstream. Automatic exploit generation (AEG) is an old challenge in the industry that is not totally solved - in fact, we are far away from it, as Julien Vanegue stated in May this year. Furthermore, AEG is limited right now to stack-based buffer overflows and format string exploits, as the semantic information about user bytes in memory is not available. In this talk I am showing a proof of concept for automated heap exploit generation on an x86 architecture, using symbolic execution and SMT solvers.